NIST Announces Technical Correction to Secure Hash Standard

The National Institute of Standards and Technology today announced it will initiate a technical modification to a computer security standard used to support the authentication of electronic messages.   The revision will correct a minor flaw that government mathematicians discovered in a formula that underlies the standard.

The Secure Hash Standard, adopted as a federal information processing standard (FIPS 180) in May 1993, can be used for computing a digital signature and remains a highly secure way to ensure the integrity and authenticity of data used in electronic mail, electronic funds transfer, software distribution and data storage applications.  NIST expects that products implementing the current standard can be used until the technical correction becomes effective.

Researchers at the National Security Agency, who developed the formula and discovered the flaw in a continuing evaluation process, now believe that although the formula in FIPS 180 is less secure than originally thought, it is still extremely reliable as a technical computer security mechanism.  The discovery of this flaw indicates the value of continued research on existing and new standards.

The Secure Hash Standard specifies a secure hash algorithm for computing a condensed representation of a message or data file.  This 160-bit condensed message "digest" represents the original message and can be used in computing a digital signature to authenticate the integrity of the message.  It is highly probable that any change to the message after it has been signed will result in a different message digest, and the  recipient will not be able to verify the signature.  Signing the message digest rather than the whole message usually improves the efficiency of the digital signature process. 

It is very highly improbable that today's computation equipment can figure out any message that corresponds to a given message digest. 

The standard applies to agencies of the federal government for protecting unclassified information when a secure hash algorithm is required.  Private and commercial organizations have been encouraged to use this standard on a voluntary basis.  The SHS was designed to be used with the proposed Digital Signature Standard, which is based on the digital signature algorithm and has not yet been approved.

As a non-regulatory agency of the Commerce Department's Technology Administration, NIST promotes U.S. economic growth by working with industry to develop and apply technology, measurements and standards.  NIST also is responsible, under the Computer Security Act of 1987, for developing standards and guidelines for the cost-effective protection of unclassified federal computer systems.